Privacy Policy

The aim of this document is to tell you, the user of our services, how we handle your personal information and data. It's a legal requirement that we tell you how we capture, manage and store your personal data and that we keep you up-to-date if we make any changes. You may get emails from us from time to time letting you know that we've made some changes. You can check back here at any point if you want to check our privacy policy as our most up-to-date version will always be displayed.

Due to the way that our platform works, it's also really important that you read this notice in full because the way that we handle data may impact your client's too and you will need to notify them within your own privacy notice.

Get Ink Limited is a company registered in England and Wales (company number 14578035) with a registered address of 1 Langthorne Court, Morley, Leeds, England, LS27 9DR ('we', 'our', 'us' in this privacy statement).

Get Ink is responsible for collecting, processing, storing and safe-keeping personal and other information as part of providing a service and carrying out our regular business activities. We manage personal information in accordance with data protection legislation including the Data Protection Act 2018 and we are registered as a Data Controller with the Information Commissioner's Office. Registration number: ZB652741.

Any questions regarding our processing of personal data should be directed to us via email hello@getink.app.

Data Processing Principles

We take protecting online privacy and data security seriously. Please read the whole of this statement carefully as it sets out our approach to processing personal data including what information we may collect from you, how we may use it, store it and protect it, and your rights.

This Privacy Notice outlines our approach to any kind of data processing where we are in control of your data, or have some control of your data (including collection, use, transfer, storage and deletion) of personally identifiable information (any information that may be used to identify a person). This statement applies to our processing of data collected through any means, actively as well as passively, from persons located anywhere in the world.

We are guided by the following principles when we process data:

  1. We will only collect data for specific and specified purposes;
  2. We will not collect data beyond what is necessary to achieve those purposes; we will minimise the amount of information we collect from you to what we need to deliver the services required;
  3. We will collect and use your personal information only if we have sensible business reasons for doing so, such as making available to you our services and products;
  4. We will not use your data for purposes other than those for which it was collected, except as stated within our policy, or with your prior consent;
  5. We will seek to verify and/or update your data from time to time and we will accept requests from you for amendment of the data held;
  6. We will apply high technical standards to make our processing of data secure;
  7. Except otherwise stated, we will not store data in identifiable form longer than is necessary to achieve its purpose or as required by law.

What Information We Collect

In accordance with data protection legislation we only collect and process information which we require to meet the specific purposes as stated above. The information we may collect about you could include, but is not limited to:

  • Contact details;
  • Personal details and identifiers;
  • Financial information;
  • Details about your business;
  • Photographs of your tattoos;
  • Details about how you use our website including technical data such as IP address.

Occasionally we may ask for information which is called 'special category data' if necessary for delivery of a particular service or product, such as medical information. Any such special category data will only be collected with your express consent and will be handled in line with ICO best practice guidelines for special category data.

As per our 'Data Processing Principles' we will only ask for information that is necessary to deliver our services, and therefore we encourage you not to provide us with personal data or special category data which we do not ask for.

How We Collect, Use and Share Personal Data

Most personal information is provided directly and voluntarily by you when you engage with us in order to enquire about, or purchase, our services or products. We will collect information from you when:

  1. You sign up or create a profile on our app;
  2. You sign up to our newsletter or mailing list;
  3. You contact us for information via our website or social media channels, by phone or email;
  4. You post on our social media channels, website or blog;
  5. You work with us in a commercial capacity.

We may also collect personal information about you from third party sources, such as when you choose to connect your social media accounts with our site or log in through a social media platform. However, we will only use this information where these third parties either have your consent or are otherwise legally permitted or required to share your personal information with us.

We collect this information in order to make available to you our services or products and to communicate with you in relation to our services or products. We may use the information collected to:

  1. Allow us to process a booking for a product or service which you purchase from us;
  2. Create a profile for you on our client database;
  3. Send you our newsletters and/or provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
  4. Respond to enquiries you make about our services or products;
  5. Ask you to take part in feedback surveys;
  6. Ensure that content from our site is presented to you in the most effective manner for you and your computer or device;
  7. Allow you to access and utilise the service or product you have purchased from us;
  8. Notify you about changes to our services or products;
  9. Provide personalised content and advertising that is targeted to your interests;
  10. Get feedback from you regarding the quality of our services or products.

We will not sell or lend your personal data to third parties, or share your personal data for marketing purposes without your express consent. We will only share your personal data with third party service providers where it is necessary for the delivery of our products or services, and only where we are confident that and such third party service providers have appropriate data protection systems and measures in place that are compliant with UK data protection legislation.

How We Store and Process Your Information

We have in place appropriate technical and organisational measures to ensure the security, confidentiality, integrity and availability of personal data we control. Your personal information is securely stored on Get Ink's MongoDB cloud storage database which is not publicly accessible or stored in any public domain. It is accessible to our employees and affiliates only, and is password protected. Photographs or images which you provide are securely stored on Get Ink's Cloudinary cloud storage platform. Your information may also be stored on our third-party email platform, Mailjet, whose servers are based inside the EU and are compliant with the General Data Protection Regulation (GDPR).

Your information may also be stored on our third party SMS platform, Twilio, whose servers are based in the US and who are fully certified under the EU-U.S. Data Privacy Framework (including the UK Extension). We also use Vercel to host part of our service and your personal data may be processed by Vercel as a hosting provider. We also use Google Analytics to provide our website analytics and who have access to limited personal data to provide their third party analytics service. Your personal information, including financial information, may also be stored and processed by Stripe who we use to manage all payments and subscriptions through our website. Our third-party providers have their own privacy policies which you can view on their websites.

We may store or process your data on cloud based platforms or service providers whose servers are based outside of the UK/EEA which may constitute a transfer of data under GDPR. We will only use such third party service providers where we are confident that appropriate safeguards are in place to ensure that any personal data transferred outside of the UK/EEA is subject to an equivalent level of security and protection as required under UK Data Protection Legislation, such as the UK Extension to the EU-U.S. Data Privacy Framework. To learn more about the EU-U.S. Data Privacy Framework, visit the U.S Department of Commerce's website at https://dataprivacyframework.gov.

We also have in place appropriate procedures to handle any potential personal data breaches, in accordance with Data Protection Legislation. Any such breaches will be reported to the relevant supervisory authority and notified to the affected individuals where we are legally required to do so.

We will only keep your personal data for as long as is necessary to meet the requirements for which it was collected. This will vary depending on the nature of the requirements and the processing, but apart from in exceptional circumstances where longer retention is necessary we will only retain your personal data for 6 years. After this period of time we will delete your personal data unless there is a legitimate business reason to retain all or parts of the data we hold.

Legal Basis for Processing Your Data

The General Data Protection Regulation (GDPR) provides that processing of your data shall only be lawful if and to the extent that at least one of the following applies:

  1. You have consented;
  2. For the performance of a contract;
  3. For compliance with a legal obligation which we must perform;
  4. To protect the vital interests of your or another person;
  5. It is in the public interest;
  6. It is in the legitimate interests pursued by us or a third party.

We collect data for the purposes set out above. All personal data is managed to ensure that it is either erased from our system when it is no longer required for the purpose for which it was collected, retained for legal reasons or minimised and retained.

Any special category data collected from you has special protection and is limited to that permissible by law. In all instances where special category data is collected we will obtain your express consent.

Your Legal Rights as a Data Subject

You have a number of legal rights in relation to the personal data that we hold about you and you can exercise your rights by contacting us using the details at the end of this statement. These rights include:

  1. The right to obtain information regarding the processing of your personal data and access to the personal data which we hold about you. If you wish to access your personal data please email us at the address provided in this notice;
  2. The right to withdraw your consent to our processing of your personal data at any time;
  3. In some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal data that you have provided to us;
  4. The right to request that we correct your personal data if it is inaccurate or incomplete;
  5. The right to request that we erase your personal data in certain circumstances;
  6. The right to request that we restrict our processing of your personal data in certain circumstances;
  7. The right to lodge a complaint with the applicable data protection regulator, in the UK this is the Information Commissioner's Office (ICO).
  8. When we are processing on the grounds of legitimate interest, you have the right to object to the processing and we must stop unless we have an overriding reason which will be communicated to you.

Links From Our Website

Our site contains links to and from other websites which are operated by individuals and companies over which we have no direct control. If you follow a link to any of these websites, please note that these websites have their own privacy and terms of use policies. We do not accept any responsibility or liability for these policies. We advise you to check the policies for third party sites before you submit any personal data to the website.

Marketing Emails

We may send you marketing emails and communications when you have opted in or otherwise given consent for us to do so. We will make it as easy as we can for you to opt out of unwanted processing, providing it does not restrict our ability to provide you with the primary service you have requested.

Please note if you wish to unsubscribe from any marketing emails that you have signed up for, you can do so by emailing hello@getink.app or clicking onto the unsubscribe link on the marketing email that was sent to you.

Cookies and Website Analytics

We use website analytics to provide the best user experience and service to you and to evaluate and improve our site. We utilise third party data analytics service providers to improve our visibility and to monitor website browser behaviour and navigation across our site.

These third-party data analytics service providers collect this information using cookies on our behalf in accordance with our instructions and in line with their own privacy policies. Our service providers may collect the following data about the way you use our site, which will almost always be anonymised and aggregated before reporting back to us:

  1. Number of visitors to our site;
  2. Pages visited whilst using the site and time spent per page;
  3. Page interaction information, such as scrolling, clicks and browsing methods;
  4. Source location and details about where users go when they leave the site;
  5. Page response times and any download errors;
  6. Technical information relating to end user devices, such as IP address or browser plug-in

From time to time we may use the information collected about you to present you with targeted advertisements using platforms such as Facebook, X (formerly known as Twitter), Google and/or Instagram.

If you wish to limit or reject cookies associated with our website you can do this in your browser settings. Please be aware that by choosing to limit or reject cookies from our website you may not be able to use or benefit from certain features, particularly the features designed to personalise your experience.

Changes to Our Policy & Future Processing

This Privacy Policy was last updated on 19 January 2024 and is reviewed every 6 months, or when there are changes made to data protection legislation, whichever is sooner.

We do not intend to process your personal information except for the reasons stated within this privacy notice. We reserve the right to update this Privacy Notice from time to time. Where appropriate, we shall contact you to notify you of any material changes to the Privacy Notice. You should also refer to our website periodically so that you may access and view our updated Privacy Notice. This will ensure that you understand how we are using your personal data and your legal rights around our usage of such personal data.

If you have any questions or concerns regarding our data protection or privacy policies, please contact us at hello@getink.app and we will be happy to respond to any concerns.

Should you still have concerns about the way in which we manage your personal data then you should contact the relevant supervisory authority, which in the UK is the Information Commissioner's Office.